Large-data-flow-based network traffic abnormality detection system and method

A network traffic anomaly detection technology, applied in the fields of data exchange networks, digital transmission systems, transmission systems, etc. It addresses the poor real-time performance and low efficiency of anomaly detection on large data traffic, and achieves more accurate training and improved efficiency.

Active Publication Date: 2015-04-29
STATE GRID CORP OF CHINA +3

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problems in the prior art, the present invention provides a network traffic anomaly detection system and method based on large data flow.

Method used

Examples


Embodiment Construction

[0019] The present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0020] As shown in Figure 1, a network traffic anomaly detection system based on big data flow is characterized in that it includes a network data collector, a distributed real-time data transmission channel, a distributed stream processing platform, a network data protocol feature library, and a big data platform. The network data packets collected by the network data collector on the network device are sent to the distributed stream processing platform through the distributed real-time data transmission channel; the distributed stream processing platform performs data analysis on the received network data packets, and through the network data protocol feature library performs data feature match...


Abstract

The invention discloses a large-data-flow-based network traffic abnormality detection system and method. The large-data-flow-based network traffic abnormality detection method is characterized by comprising the following steps: acquiring network packet information in network equipment in real time in a distributed manner; transmitting the network packet information to a distributed flow processing platform in real time for network data analysis, feature matching and access counting; storing the analyzed and detected network data into a large data platform according to an abnormal status so as to facilitate clustering analysis and classified training of the network data and dynamically update a network data protocol characteristic library. Through the system and the method, real-time detection is achieved through a distributed flow-type processing mechanism; through distributed storage of the large data platform and through the data calculating and analyzing capability, the distributed storage of the network data is achieved and the network data protocol characteristic library can be trained more accurately.
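The stream-processing stage described in the abstract (feature matching plus access counting, then storage by abnormal status) can be sketched as follows. This is an added example, not code from the patent: the feature library contents, the sliding window, the per-source limit and the rule that an unmatched payload or an over-limit source counts as abnormal are all assumptions, and the clustering and retraining step that updates the library is not shown.

```python
from collections import defaultdict, deque

# Assumed protocol feature library: protocol -> payload prefixes (constructed).
FEATURE_LIBRARY = {"http": (b"GET ", b"POST "), "ssh": (b"SSH-2.0-",)}
WINDOW_SECONDS = 10   # assumed sliding window for access counting
MAX_ACCESSES = 3      # assumed per-source limit inside one window

def match_protocol(payload, library=FEATURE_LIBRARY):
    """Return the first protocol whose feature matches the payload, else None."""
    for protocol, prefixes in library.items():
        if payload.startswith(prefixes):
            return protocol
    return None

def process_stream(packets, window=WINDOW_SECONDS, limit=MAX_ACCESSES):
    """Analyse packets in arrival order and split them by abnormal status."""
    recent = defaultdict(deque)                  # source IP -> recent timestamps
    stores = {"normal": [], "abnormal": []}      # stand-in for the data platform
    for ts, src, payload in packets:
        seen = recent[src]
        seen.append(ts)
        while seen and ts - seen[0] >= window:   # expire accesses outside window
            seen.popleft()
        protocol = match_protocol(payload)
        reasons = []
        if protocol is None:
            reasons.append("no-feature-match")
        if len(seen) > limit:
            reasons.append("access-count")
        record = {"ts": ts, "src": src, "protocol": protocol, "reasons": reasons}
        stores["abnormal" if reasons else "normal"].append(record)
    return stores

# Constructed sample traffic: (timestamp in seconds, source IP, payload bytes).
SAMPLE_PACKETS = [
    (0, "192.0.2.10", b"GET /index.html HTTP/1.1\r\n"),
    (1, "192.0.2.20", b"SSH-2.0-OpenSSH_8.9\r\n"),
    (2, "192.0.2.30", b"\x00\xff\x00\xffunknown"),
    (3, "192.0.2.10", b"GET /a HTTP/1.1\r\n"),
    (4, "192.0.2.10", b"GET /b HTTP/1.1\r\n"),
    (5, "192.0.2.10", b"GET /c HTTP/1.1\r\n"),
    (20, "192.0.2.10", b"GET /d HTTP/1.1\r\n"),
]

if __name__ == "__main__":
    for status, records in process_stream(SAMPLE_PACKETS).items():
        print(status, [(r["ts"], r["src"], r["reasons"]) for r in records])
```

The records in the abnormal store are what a later clustering or classification job would read to propose new entries for the feature library.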

Description

Technical field

[0001] The present invention relates to network data transmission, distributed real-time data collection, distributed stream processing, and distributed data storage, and more specifically, relates to a network traffic anomaly detection system and method based on large data streams.

Background technique

[0002] With the rapid development of computer network technology, the means of network attack have also increased rapidly, and the security threats faced by network information systems have become increasingly prominent and have attracted extensive attention. For the problem of network traffic anomaly detection, traditional solutions include methods based on rules, statistical analysis, and finite state machines. These methods can detect traffic anomalies to a certain extent, but there are some shortcomings in terms of processing data volume and real-time performance. Therefore, it is necessary to improve network traffic anomaly detection methods. This system ...

Claims


Application Information

IPC(8): H04L12/26, H04L29/08
Inventor: 黄高攀张明明郑海雁腾爱国李红梅宋浒吴钢熊政李昆明方超仲春林王健孟嘉季聪
Owner: STATE GRID CORP OF CHINA